Affected by GO-2023-1520 and 11 other vulnerabilities

GO-2023-1520: JWT audience claim is not verified in github.com/argoproj/argo-cd

GO-2023-1577: Users with any cluster secret update access may update out-of-bounds cluster secrets in github.com/argoproj/argo-cd

GO-2023-1670: Argo CD authenticated but unauthorized users may enumerate Application names via the API in github.com/argoproj/argo-cd

GO-2023-2049: Argo CD cluster secret might leak in cluster details page in github.com/argoproj/argo-cd

GO-2023-2050: Argo CD repo-server Denial of Service vulnerability in github.com/argoproj/argo-cd

GO-2024-2646: Cross-site scripting on application summary component in github.com/argoproj/argo-cd/v2

GO-2024-2667: Out of memory crash from malicious Helm registry in github.com/argoproj/argo-cd/v2

GO-2024-2728: Argo CD's API server does not enforce project sourceNamespaces in github.com/argoproj/argo-cd

GO-2024-2792: Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences in github.com/argoproj/argo-cd

GO-2024-2877: ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache in github.com/argoproj/argo-cd

GO-2024-2898: Argo-cd authenticated users can enumerate clusters by name in github.com/argoproj/argo-cd

GO-2024-3002: Argo CD Unauthenticated Denial of Service (DoS) Vulnerability via /api/webhook Endpoint in github.com/argoproj/argo-cd

managedfields

package

v2.4.8 Latest Latest Go to latest Published: Jul 29, 2022 License: Apache-2.0 Imports: 10 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/argoproj/argo-cd

Links

Open Source Insights

Documentation ¶

Index ¶

func Normalize(live, config *unstructured.Unstructured, trustedManagers []string, ...) (*unstructured.Unstructured, *unstructured.Unstructured, error)
func ResolveParseableType(gvk schema.GroupVersionKind, parser *k8smanagedfields.GvkParser) *typed.ParseableType
func StaticParser() *typed.Parser

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func Normalize ¶

func Normalize(live, config *unstructured.Unstructured, trustedManagers []string, pt *typed.ParseableType) (*unstructured.Unstructured, *unstructured.Unstructured, error)

Normalize will compare the live and config states. If config mutates a field that belongs to one of the trustedManagers it will remove that field from both live and config objects and return the normalized objects in this order. This function won't modify the live and config parameters. If pt is nil, the normalization will use a deduced parseable type which means that lists and maps are manipulated atomically. It is a no-op if no trustedManagers is provided. It is also a no-op if live or config are nil.

func ResolveParseableType ¶ added in v2.4.0

func ResolveParseableType(gvk schema.GroupVersionKind, parser *k8smanagedfields.GvkParser) *typed.ParseableType

func StaticParser ¶ added in v2.4.0

func StaticParser() *typed.Parser

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL